Slashdot Mirror

← Back to Stories (view on slashdot.org)

Blue Security Gives up the Fight

Posted by ryuzaki0 on from the eggs-bacon-sausage-and-splat dept.

bblboy54 writes "According to The Washington Post, Blue Security has closed its doors, which can be confirmed by the Blue Security application failing to work today and their domain no longer resolving. Blue Security's CEO is quoted in the article: "It's clear to us that [quitting] would be the only thing to prevent a full-scale cyber-war that we just don't have the authority to start," Reshef said. "Our users never signed up for this kind of thing." You have to wonder where it goes from here. It seems an effective method has been found but more than a small private company could handle. Will someone else adapt this concept, or does the internet world give up?"

5 of 672 comments (clear)

  1. Re:The problem is it relies on a central server. by Dan+Ost · · Score: 5, Informative

    The problem would be how to make a distributed system that can't be poisoned or decieved by
    an attacker.

    One of the nice attributes of having a central server is that BlueSecurity could validate
    that the site was a legitimate target before unleashing the flurry of opt-out requests.

    --

    *sigh* back to work...
  2. Re:Third Choice? by grub · · Score: 5, Informative


    but anyone who's still getting spam in their inbox should install some nice filtering software.

    That's not the point. If you run your own mail server or rely on filtering at your client end the spam uses up your bandwidth, your storage, your CPU resources to filter it, etc. Spammers like to use zombie machines around the net. Their operations cost them very little as they steal the capability from everyone else.

    --
    Trolling is a art,
  3. Re:Solving the Spam Bot problem by Pfhor · · Score: 4, Informative

    I made my university start the exact same policy. Shut down ports of the machines which were infected with klez. The problem was that students would just think their port was broken and plug into their roommates, etc. Obviously the school should have moved their MAC address into an infected pool and given them their own subnet with a webpage telling them that their machine was infected and to call tech support. But considering the somewhat large resources of people needed to get the machines back online (go and scrub the machine, most people were afraid to even touch them, and klez was a pain to remove). Not to mention the fact that people view their machines as appliances, not something needed to be maintained.

    ISPs are using the blocking of outgoing smtp traffic on port 25 for this very reason. But to really shut down this problem the ISP would also have to be able to provide technical support to remove the virus, or atleast something of that nature. Let alone the customer won't even think their computer is infected (how could it be, i don't download anything!!?) and the flurry of angry phone calls would ensue.

    We had users at my campus that had blocked ports for a month before we were able to get in touch with them, they just thought their computer was broken. Or we get a phone call from an angry parent whose little suzy or billy can't send them email and update their facebook.

    The idea is possible, but it is a nightmare in reality to have to support.

  4. Re:When the going gets tough... by pebs · · Score: 5, Informative

    What we need is to implement an open source p2p DOS network. Everybody can submit a link that they found in SPAM mail, with their DOS client. This way, the more a site is spamvertised, the more it is DOS-ed.
    Of course, the amount of DOS the site gets should be comparable with the bandwidth needed to send the spams, so there are no abuses of the system. Just send their crap back to the sites they run.

    That simply won't work because it will get exploited very easilly. I assume only links that have been submitted a large amount of times will get DDOSed. Someone will create a large amount of fake accounts on the P2P network, submit links to their target (or maybe spoof all the link submissions without needing to create fake accounts), and get a free DDOS network to attack whoever they want.

    --
    #!/
  5. Re:Solving the Spam Bot problem by dubl-u · · Score: 4, Informative

    Why has no one tackled this problem?

    Because its in nobody's financial interest. A zombie computer causes most of its harm to other networks, not the one its on.

    Most of the ISPs are now large telcos and cable companies who hire support staff at would-you-like-fries-with-that wages. They don't have the capacity or the incentive to disinfect a zillion Windows boxes. It's much cheaper to buy a bigger pipe.

    Of course, Microsoft owns the root problem. They sold a supposedly consumer-grade operating system that consumers can't maintain. Windows needs a dialog box that says, "You computer has been invaded by evil fuckwads. Would you like to kick them out?" where the two choices are "Yes" and "Ok".